Hi David,
David Craven <[email protected]> writes:
>> According to "git log --show-signature" on my machine, several recent
>> commits by you (including this one) were signed with a different key
>> than the one you have registered on Savannah. Savannah has key
>> C5E051C79C0BECDB, but your recent commits were signed with key
>> 33B9E9FDE28D2C23. How are we to confirm the authenticity of this key
>> and of these commits?
>
> Hi Mark,
>
> I revoked my old key and published a new one to mit.edu. I mentioned
> it in an email that I lost access to my previous key - I know - shame
> on me
It's okay, I've lost keys sometimes too :-(
> - and if it was ok to simply regenerate a key and start signing
> with it. I did not get a reply and assumed that keys expire and are
> revoked from time to time so it must be ok. Please let me know what I
> can do to remedy this issue.
It would be good to upload your new key to Savannah. Preferably, the
public key block associated with your account on Savannah would include
both your old and new public keys.
Thanks,
Mark
